Before, hackers would try to gain access to systems with the aim of levering profit through tricking users into clicking a malicious links or MITM. Since the rise of cryptocurrency, there has been a new mark in the world of cybercrime. Hackers are predominately less keen on our money – and more into our computer power instead. As a result, the chips that power our devices are being silently hijacked for mining cryptocurrency.
Hackers can use computer power to complete the complex mathematical puzzles that validate a block of cryptocurrency transactions. If a hacker manages to solve those tricky sums, they're rewarded. However, this is no easy task. Nonetheless, enthusiastic miners have found themselves investing huge sums in computer hardware in the hopes of winning these rewards, but as cryptocurrencies gain more power, more power is required to mine them.
One of the ways in which nasty mining tools end up on our device comes from the same method a malware would – clicking on a malicious link or opening file from emails. Zero-day attacks and new threats are appearing more constantly, as in recent news many android users were infected with a tool that mines a cryptocurrency called Monero (XMR). The result of such scheme has infected more than 500,000 window users and generated $3.6 million. More recently, malicious mining software has introduced its way onto mobile devices via text messages, rogue links on FB messenger and even via maliciously embedded google ads. As mentioned earlier, hackers are 'silently' hijacking power making victims unaware of what is going on with their infected slow running device.
Despite the potential rise of cybercrime, the rise of cryptocurrency has also caused a flash of positive global effect. As of recently, UNICEF have appealed to gamers with powerful Graphical User Interface (GPU) to mine Ethereum to help raise money for children in Syria. In addition, the GPU are now selling to gaming and mining customers which facilitates the mining of a certain cryptocurrency. Beyond the world of graphics card, demand has soared for dedicated mining rigs, such as AntMiner S9.
Miners require an enormous amount of electricity. The main expense for miners is the power and this helps to explain why hackers are now trying to get that power for free by stealing it. Anyone thinking 'if you can't beat them, join them' should maybe think again. Cryptomining is outweighing to be impractical and the volatility of the market means that the amount spent on mining coins might be better spent buying the coins from an exchange service.
Cyber Security training from QA
QA have uniquely positioned themselves to help solve the Cyber skills gap, from our CyberFirst and Cyber Apprenticeship programmes and Cyber Academies to Cyber Challenges, Training and Certifications and Consultancy for Cyber Security.
They offer end-to-end Cyber training and certifications from Cyber Awareness to deep dive Cyber Programmes and solutions; from Cyber Investigations, Cyber Crisis Management, Proactive Security to Offensive Defence. QA only employ world-leading Cyber trainers who have the expertise to deliver bespoke Cyber solutions, GCHQ accredited courses and proudly the CyberFirst programme. This is all to support tackling the UK's National Cyber Security skills shortage.
QA also have state-of-the-art CyberLabs, where companies can simulate real-life Cyber-attacks on their infrastructure, helping them to prevent & combat breaches without risking their own network.
Visit cyber.qa.com for more information on how they can help solve the Cyber Security skills gap.
James Aguilan currently works as a Cybersecurity Researcher. He has provided upskilling and development to Government Agencies, National Critical Infrastructures and Large Corporations through the simulation of cyber-attacks and forensic investigations workshops. In the past, James worked as a Data Consultant where he advised high profiling clients on how to handle their data in a Civil Litigation or Criminal Investigation. Notably, this includes the largest Merger between two US Powerhouse Conglomerate, a deal worth $87 billion. Additionally, he has also served as a Cybersecurity Consultant where he would Respond to Incidents and Perform Full Forensic Investigations. James holds a first-class honour in Computer Forensics and is actively working towards a Masters in Network Security and Penetration Testing.
More articles by James
Cyber Pulse: Edition 105
Cyber Pulse: Edition 104
Cyber Pulse: Edition 103
Cyber Pulse: Edition 102
Cyber Pulse: Edition 101
4 things you need to know about cyber security in 2020
How does Ransomware-as-a-Service work?
Phishing Campaigns: Defending organisations against phishing
Is Mr Robot a good representation of real-life hacking and hacking culture?
Safeguarding your Digital Footprint